This is certainly a new angle to discuss disclosure timelines: "How to deal with reporters who don't want their bugs fixed?" http://www.openwall.com/lists/oss-security/2018/01/18/1 …
Conf organizers should do the opposite: blacklist speakers who attempt to delay fixes with ego-trip embargoes.
-
-
It makes me wonder if confs should be trying to stop the "present a new exciting vuln live" trend and instead encourage focus on exposition of the process & tools behind already-announced-and-fixed vulns.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.